Five phishing scams you should be aware of

Studying and working from home during the current COVID-19 pandemic has created additional security risks with criminals attempting to obtain usernames, passwords, information and money through email, text messages, or scam phone calls.

All these fraudulent communications are usually unsolicited, meaning you’ve been contacted out of the blue. Staff and students at the University are advised to stop and think before providing any details, even if an email or phone number looks legitimate at first glance.

The Computing Services Department (CSD) uses sophisticated spam filters to prevent a huge number of suspect emails getting through to our staff and students, but inevitably some make it into our inboxes. CSD need everyone to remain vigilant and be aware of how to spot a scam in all its forms.

There are a number of phishing attempts in circulation at the moment. Here’s what you should be looking out for.

1. ‘COVID-19 news/update’ email scam

We are all poised for new information on the COVID-19 pandemic, and as such, we are ripe targets for scammers pretending to “update” us on the situation. These emails often look like they come from someone in the University, but if you click on the address the scam email came from, you’ll often see it doesn’t end in @liverpool.ac.uk. These emails might ask you to log in to read the latest updates, and they will direct you to a page that looks almost identical to the University’s webmail page. Remember to always look at the URL (web address) in the address bar to make sure you’re on a legitimate University website.

What to do

Don’t click on anything. If you receive an email like this and you’re suspicious of its origins, you can contact the supposed University sender by sending them an email via the University’s global address list to confirm the validity of the email. Don’t reply to the email you received. Always check the URLs in the address bar of a site you have been directed to. Don’t input any usernames or passwords. You can get all the latest COVID-19 updates from the University on the student intranet: liverpool.ac.uk. Also remember the CSD Service Desk are always available via servicedesk.liverpool.ac.uk to answer any questions or concerns you might have about an email.

2. “Warning! Mailbox storage limit” email scam

This is one of the most common email scams. It tells you you’ve used a large amount of your email storage space and you need to “click here” or “log in” to request to adjust your mailbox storage or prevent your emails from being deleted. This is designed to make you panic, often resulting in the recipient divulging details or clicking links without taking the time to read the email properly.

What to do

CSD provides all University email accounts with 50GB of space. So you’d need to store at least 10,000 high-quality photos or 10 full length, HD quality movies, in your inbox, to reach your limit. It’s extremely unlikely that you have reached your limit. If you receive an email like this, or you’re concerned about your email storage limit, contact the Service Desk at liverpool.ac.uk before clicking anything.

3. “Warning! Your mailbox has been classified as Exposed and Unsafe” email scam

This is another scam designed to scare you into giving up your details. This email tells you your Outlook Mailbox Security System is outdated and disabled, therefore leaving you vulnerable to unsolicited and scam emails. But in fact, this is the fraudulent email. It sometimes also tells you if you don’t update/click on the link, you will not be able to send messages anymore.

What to do

Don’t click on anything and don’t enter any personal details. If you hover over any links (most probably highlighted in blue) that you’re being asked to click on, you’ll see it’s directing you to a site not linked to the University. Report the email to CSD and delete: https://www.liverpool.ac.uk/csd/security/email-security/reporting-emails/

4. “Buy me a gift card/voucher” email scam

A fraudster impersonates someone in your department, then sends you an email asking you to buy a gift card or voucher with a promise to reimburse you once they’re back in the office.

What to do

The clue is in the email address. Scroll over or click on the name of the email sender to view the full email address. Look out for numerals used instead of letters (for example, a zero is used instead of the letter O). Anything ending in @gmail.com, @outlook.com, or @btinternet.co.uk is most likely not a legitimate email from a University colleague. Most importantly, if an email seems suspicious in any way, don’t reply. Contact the person you think the email is from using the Global Address List (GAL) in Outlook, or via their University phone number, to confirm the request.

5. Service Desk incident email

Recently an email was sent to a number of University members, purporting to be from the CSD Service Desk. This email asked users to click on the “Your incident” link to provide feedback. In fact, the link directed readers to a fake site attempting to steal your MWS credentials.

What to do

The first thing to do is not to click on anything until you know where it’s going to take you. If there’s a hyperlink (usually blue, underlined text) that you’re being asked to click, hover over it with your cursor. A preview of where that link will take you should pop up in a white box. If it’s not a University page or a recognised website, don’t click on it. If you have clicked on it accidentally, don’t panic. Just remember – don’t enter any details such as usernames, passwords or personal details on the page it brings up.

More tips

Phishing attempts are evolving at a rapid rate, and it is becoming increasingly difficult to tell the difference between a genuine email and a scam. Here are some other clues to look out for in unsolicited email:

  • Look and feel
    Does this email look like ones you’ve received from that particular person or department before? If you’re sceptical, trust your gut – contact the Service Desk at liverpool.ac.uk immediately for advice.
  • Contact details
    If the email contains contact details such as email addresses and telephone numbers, cross-reference these with the official details listed on the company or department’s website. If they’re not matching up, stay safe and don’t click on anything in the email.
  • Spelling mistakes and bad grammar
    We’ve all made a typo in an email so it can happen, but official communication from departments and institutions should usually read well and professionally. If the tone, spelling or grammar of the email makes you think twice, it’s best to delete it and contact the person or company through other means to confirm the email is genuine.

CSD are committed to protecting the University’s staff, students and data from phishing attempts. The University needs everyone to be vigilant and careful, and report anything suspicious before taking any other action. Further information is available at: https://www.liverpool.ac.uk/csd/security/email-security/reporting-emails/